|
318981
|
6.5 |
MEDIUM
Network
|
planex
|
mzk-dp300n_firmware
|
MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead…
|
CWE-352
Origin Validation Error
|
CVE-2024-45372
|
2024-10-3 09:34 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318982
|
9.8 |
CRITICAL
Network
|
nationalkeep
|
cybermath
|
Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects CyberMath: before CYBM.2408…
|
CWE-863
Incorrect Authorization
|
CVE-2024-7108
|
2024-10-3 09:31 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318983
|
7.1 |
HIGH
Network
|
paloaltonetworks
|
pan-os
globalprotect
prisma_access
|
An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configur…
|
NVD-CWE-noinfo
|
CVE-2024-8687
|
2024-10-3 09:26 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318984
|
4.4 |
MEDIUM
Local
|
paloaltonetworks
|
pan-os
|
An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) wi…
|
NVD-CWE-Other
|
CVE-2024-8688
|
2024-10-3 09:19 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318985
|
- |
|
-
|
-
|
RSSHub is an RSS network. Prior to commit 64e00e7, RSSHub's `docker-test-cont.yml` workflow is vulnerable to Artifact Poisoning, which could have lead to a full repository takeover. Downstream users …
|
CWE-20
Improper Input Validation
|
CVE-2024-47179
|
2024-10-3 05:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318986
|
6.5 |
MEDIUM
Network
|
cisco
|
ios_xe
ios
|
A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affec…
|
CWE-352
Origin Validation Error
|
CVE-2024-20414
|
2024-10-3 05:02 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318987
|
7.2 |
HIGH
Network
|
prisna
|
google_website_translator
|
The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.11 via deserialization of untrusted input from the 'pri…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-8514
|
2024-10-3 04:59 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318988
|
5.4 |
MEDIUM
Network
|
themexclub
|
oneelements
|
The OneElements – Best Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.3.7 due to insufficient input sa…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9068
|
2024-10-3 04:55 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318989
|
5.4 |
MEDIUM
Network
|
wpzoom
|
wpzoom_shortcodes
|
The WPZOOM Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'box' shortcode in all versions up to, and including, 1.0.5 due to insufficient input sanitiza…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9027
|
2024-10-3 04:42 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318990
|
5.4 |
MEDIUM
Network
|
graphicsly
|
graphicsly
|
The Graphicsly – The ultimate graphics plugin for WordPress website builder ( Gutenberg, Elementor, Beaver Builder, WPBakery ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SV…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9069
|
2024-10-3 04:37 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
